Vulnerability Details : CVE-2007-3872
Public exploit exists!
Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.
Vulnerability category: Execute code
Products affected by CVE-2007-3872
- cpe:2.3:a:hp:openview_operations:*:*:windows:*:*:*:*:*
- cpe:2.3:a:hp:shared_trace_service:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-3872
71.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2007-3872
-
HP OpenView Operations OVTrace Buffer Overflow
Disclosure Date: 2007-08-09First seen: 2020-04-26exploit/windows/misc/hp_ovtraceThis module exploits a stack buffer overflow in HP OpenView Operations version A.07.50. By sending a specially crafted packet, a remote attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com>
CVSS scores for CVE-2007-3872
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
References for CVE-2007-3872
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038
-
http://secunia.com/advisories/26394
-
http://www.vupen.com/english/advisories/2007/2841
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574
Patch
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/35928
-
http://www.securityfocus.com/bid/25255
Hewlett-Packard OpenView OVTrace Multiple Remote Buffer Overflow Vulnerabilities
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023
-
http://www.securitytracker.com/id?1018548
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068
Jump to